Reply to Message

How about security?

honeymonster Updated - 17th Aug 2009

Update: I have answered my own questions with the precious few details found here: http://www.apple.com/macosx/technology/

Are there any security improvements in Snow Leopard? yes, a few

Will the NX/DEP finally be switched on in Safari and all other internet facing programs?
Presumably it will be switched on for 64bit programs. All bundled apps will be 64 bit, but 3rd party apps may not be

Will ASLR be extended to more than a few system libraries and have increased entropy? no info

Will SL have any form of heap corruption protection, like e.g. heap encryption/checksum or canaries? Any safe exception handling in sight? yes, heap checksumming. No mentioning of exception handling

How about memory allocation techniques to foil attacks, such as variable reordering, string protection etc? No info

Last but certainly not least, will the "sandbox" finally be turned on to protect Safari, mail.app etc? No info. Presumably not because a real sandbox is an architectural change which involves splitting apps up in more processes

I was told a long time ago that Snow Leopard would be the release of OSX which would finally get it right. SL does feature more security for 64bit apps.

OSX is still by far the most vulnerable operating system out there. IBM researchers find that OSX is hit with 3 times the vulnerabilities compared to Vista for the past 3 years. 2009 is no different, according to Secunia. Independant security researchers are all telling it like it is: OSX is the easiest OS to exploit. Once you find a vulnerability (plenty to choose from) nothing prevents you from exploiting it. Unlike Vista and to some degree, Linux.

There are now definite signs that attackers now are beginning to turn their attention to OSX. Must OSX users wait another 2-3 years for Apple to catch up while OSX is a swiss cheese?